This section describes the method for restricting an account to SSH File Transfer Protocol
(SFTP) access only.
Create a user account based on the following example.
user { "foo":
uid => <UID>,
gid => <GID>,
shell => <Path to SFTP Server>
}
On a SIMP system, shell would be: "/usr/libexec/openssh/sftp-server"
To modify /etc/shells
to include the shell information provided in the previous user account example, add common::shells
in Hiera, and add /usr/libexec/openssh/sftp-server
to the list.